{"id":33116,"date":"2017-07-26T12:40:31","date_gmt":"2017-07-26T02:40:31","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=33116"},"modified":"2017-07-26T12:40:31","modified_gmt":"2017-07-26T02:40:31","slug":"cyber-wrap-174","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/","title":{"rendered":"Cyber wrap"},"content":{"rendered":"
<\/figure>\n

Two of the largest marketplaces on the dark web, AlphaBay and Hansa Market, have been taken down by a joint US and Europol operation. By Europol\u2019s count, AlphaBay alone had over<\/a> 200,000 users, 250,000 listings for illegal drugs, and 100,000 listings for fraudulent or stolen identification documents.<\/p>\n

The dual announcements from the US<\/a> and Europol<\/a> come after two weeks of chaos and speculation. AlphaBay was initially offline on 4 July, in what appeared to be an \u2018exit scam<\/a>\u2019 orchestrated by its administrators to steal escrowed funds. Canadian Alexandre Cazes, suspected of being an AlphaBay co-founder, was arrested by police in Thailand on 5 July and his properties in Canada were raided<\/a> by the Royal Canadian Mounted Police. The plan was to extradite him<\/a> to the US to face criminal charges, but on 12 July he was found dead in his jail cell in Thailand after allegedly committing suicide<\/a>. Cazes\u2019 arrest solidified concerns among market users that the takedown of AlphaBay had been a law enforcement operation, driving many of them to rival websites like Hansa.<\/p>\n

But Dutch police had already taken<\/a> control of Hansa Market\u2019s systems from 20 June, two weeks before US authorities closed AlphaBay. When the AlphaBay \u2018refugees<\/a>\u2019 shifted their business to Hansa Market, Europol was able to grab user and transaction details, including 10,000 physical addresses. The twin takedowns have been described as \u2018planned chaos<\/a>\u2019, and involved close coordination among 12 agencies from a number of countries, including Thailand, the Netherlands, Lithuania, Canada, the UK, and France, demonstrating the long list of jurisdictions that need to work together for an operation on that scale to be effective. Moreover, it looks like one of the operation\u2019s psychological goals, to poison the web of<\/a> trust<\/a> that enables dark web markets to operate, has succeeded; a widespread advisory<\/a> was promulgated in the dark web community warning against using any dark web market, at least for the time being.<\/p>\n

Cyber-diplomacy may soon take a hit if the US Department of State\u2019s cybersecurity office gets shuttered. Current office head Christopher Painter, a two-decade veteran of the portfolio, is resigning the post at the end of July, and it\u2019s been suggested that the office will be merged into other bureaus<\/a>, or will go entirely unfilled amid other, ongoing staffing changes<\/a> in the State Department.<\/p>\n

Sweden has revealed that it suffered a nationwide data breach<\/a> exposing the sensitive personal information of millions of its citizens. The country\u2019s transport agency, in the midst of a database outsourcing project with IBM, reportedly e-mailed a plain-text database<\/a> full of highly sensitive registration and identification information to a number of subscribers in the first half of 2015<\/a>. Sweden\u2019s prime minister has announced that an investigation is being conducted, but concerns have been raised over the slow response\u2014while Sweden\u2019s security services immediately began taking action, the prime minister reportedly was only made aware of the issue in January<\/a> of this year, and a number of other failures of communication and accountability have been reported. Similarly, in the US, the Social Security numbers of 5.5 million people were accessed across several states after a massive breach of the Kansas Department of Commerce\u2019s data system in March 2017. The breach wasn\u2019t disclosed by the agency and only became public after the Kansas News Service filed an open records request.<\/p>\n

Cryptocurrency users have also been hit hard this week. Users of Parity Technologies\u2019 Ethereum wallet software became victims of a massive cryptocurrency heist<\/a> in which hackers grabbed the equivalent of US$30 million<\/a> from vulnerable wallets. It was the third, and largest in fiscal value, of four attacks on Ethereum this month<\/a>. Interestingly, when Parity employees<\/a> and other ethical hackers<\/a> noticed the initial grab, they used the same vulnerability to safely<\/a> Noah\u2019s Ark away another US$208 million worth<\/a> of Ether from vulnerable wallets while fixes were pushed out. The ethical hackers, calling themselves the \u2018White Hat Group<\/a>\u2019, have promised to return the funds to their owners once wallets are secure.<\/p>\n

Back in more conventional financial and cyber crime, new research from Digital Shadows<\/a>, a digital risk management company, has taken a deep dive into the \u2018carding\u2019 industry, or the industry around the theft and resale of credit card details for fraudulent use. They\u2019ve found a number of formal, in-depth online courses available for less than US$1,000<\/a> for Russian-speaking students, offering training on how to start gathering, using and reselling credit card data themselves.<\/p>\n

Researchers from Harvard\u2019s Belfer Center, including Bruce Schneier, have taken a look at parallel discovery in vulnerability research. From a corpus of 4,300 discovered vulnerabilities, they found that 15\u201320% were discovered independently at least twice<\/a> in the same year. That\u2019s much higher than the figure of 5.7% previously reported by the RAND Corporation<\/a>. The new finding has implications for intelligence agencies looking to discover and exploit vulnerabilities for intelligence collection. How likely is it that an adversary will also identify the same vulnerability and exploit it to your detriment?<\/p>\n","protected":false},"excerpt":{"rendered":"

Two of the largest marketplaces on the dark web, AlphaBay and Hansa Market, have been taken down by a joint US and Europol operation. By Europol\u2019s count, AlphaBay alone had over 200,000 users, 250,000 listings …<\/p>\n","protected":false},"author":608,"featured_media":33117,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1,531],"tags":[1801,1973,1799,1111],"class_list":["post-33116","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-cyber-security-2","tag-cybercrime","tag-dark-web","tag-data-breach","tag-sweden"],"acf":[],"yoast_head":"\nCyber wrap | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber wrap | The Strategist\" \/>\n<meta property=\"og:description\" content=\"Two of the largest marketplaces on the dark web, AlphaBay and Hansa Market, have been taken down by a joint US and Europol operation. By Europol\u2019s count, AlphaBay alone had over 200,000 users, 250,000 listings ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2017-07-26T02:40:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Chi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Chi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI's analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg\",\"width\":640,\"height\":426},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/\",\"name\":\"Cyber wrap | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#primaryimage\"},\"datePublished\":\"2017-07-26T02:40:31+00:00\",\"dateModified\":\"2017-07-26T02:40:31+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/bf73a1a4a3c6adc42839e2f406680bb9\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cyber wrap\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/bf73a1a4a3c6adc42839e2f406680bb9\",\"name\":\"Michael Chi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9308fb9be6733bb4692a599b680cd09c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9308fb9be6733bb4692a599b680cd09c?s=96&d=mm&r=g\",\"caption\":\"Michael Chi\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/michael-chi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyber wrap | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/","og_locale":"en_US","og_type":"article","og_title":"Cyber wrap | The Strategist","og_description":"Two of the largest marketplaces on the dark web, AlphaBay and Hansa Market, have been taken down by a joint US and Europol operation. By Europol\u2019s count, AlphaBay alone had over 200,000 users, 250,000 listings ...","og_url":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2017-07-26T02:40:31+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg","type":"image\/jpeg"}],"author":"Michael Chi","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Michael Chi","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI's analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/07\/cobweb-1698801_640.jpg","width":640,"height":426},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/","url":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/","name":"Cyber wrap | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#primaryimage"},"datePublished":"2017-07-26T02:40:31+00:00","dateModified":"2017-07-26T02:40:31+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/bf73a1a4a3c6adc42839e2f406680bb9"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/cyber-wrap-174\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Cyber wrap"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/bf73a1a4a3c6adc42839e2f406680bb9","name":"Michael Chi","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9308fb9be6733bb4692a599b680cd09c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9308fb9be6733bb4692a599b680cd09c?s=96&d=mm&r=g","caption":"Michael Chi"},"url":"https:\/\/www.aspistrategist.ru\/author\/michael-chi\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/33116"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/608"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=33116"}],"version-history":[{"count":1,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/33116\/revisions"}],"predecessor-version":[{"id":33118,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/33116\/revisions\/33118"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/33117"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=33116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=33116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=33116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}